快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 352231
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2023-53915 |
Zenphoto 1.6 Stored Cross-Site Scripting via Album Description
|
MEDIUM | 5.1 | 2025-12-17 |
Zenphoto Zenphoto
zenphoto zenphoto
|
CVE NVD | |
| CVE-2023-53914 |
UliCMS 2023.1 Authentication Bypass via Mass Assignment Vulnerability
|
CRITICAL | 9.3 | 2025-12-17 |
ulicms Ulicms
ulicms ulicms
|
CVE NVD | |
| CVE-2023-53913 |
Rukovoditel 3.3.1 CSV Injection via User Account Export
|
MEDIUM | 6.2 | 2025-12-17 |
Rukovoditel Rukovoditel
rukovoditel rukovoditel
|
CVE NVD | |
| CVE-2023-53912 |
USB Flash Drives Control 4.1.0.0 Unquoted Service Path Privilege Escalation
|
HIGH | 8.5 | 2025-12-17 |
BiniSoft USB Flash Drives Control
|
CVE NVD | |
| CVE-2023-53911 |
Textpattern CMS 4.8.8 Authenticated Stored Cross-Site Scripting via Article Excerpt
|
MEDIUM | 5.1 | 2025-12-17 |
Tmrswrr Textpattern CMS
textpattern textpattern
|
CVE NVD | |
| CVE-2023-53910 |
WBCE CMS 1.6.1 Stored Cross-Site Scripting via Page Content
|
MEDIUM | 5.1 | 2025-12-17 |
wbce-cms WBCE CMS
wbce wbce_cms
|
CVE NVD | |
| CVE-2023-53909 |
WBCE CMS 1.6.1 SVG File Content Cross-Site Scripting
|
MEDIUM | 5.1 | 2025-12-17 |
wbce-cms WBCE CMS
wbce wbce_cms
|
CVE NVD | |
| CVE-2023-53908 |
HiSecOS 04.0.01 Privilege Escalation via User Role Modification
|
HIGH | 8.7 | 2025-12-17 |
Belden HiSecOS
|
CVE NVD | |
| CVE-2023-53907 |
Bludit 路径遍历漏洞
|
HIGH | 7.1 | 2025-12-17 |
Bludit Backup Plugin
bludit bludit
|
CVE NVD +1 | |
| CVE-2023-53906 |
ProjectSend r1605 Stored Cross-Site Scripting via Custom Assets Page
|
MEDIUM | 5.1 | 2025-12-17 |
projectSend projectSend
projectsend projectsend
|
CVE NVD | |
| CVE-2023-53905 |
ProjectSend 安全漏洞
|
MEDIUM | 6.2 | 2025-12-17 |
projectSend projectSend
projectsend projectsend
|
CVE NVD +1 | |
| CVE-2023-53904 |
Xenforo 2.2.13 Authenticated Stored Cross-Site Scripting via Smilie Categories
|
MEDIUM | 5.1 | 2025-12-17 |
Xenforo Xenforo
|
CVE NVD | |
| CVE-2025-66029 |
Open OnDemand affected by Apache proxy passing sensitive headers
|
HIGH | 7.6 | 2025-12-17 |
OSC ondemand
|
CVE NVD | |
| CVE-2025-14833 |
code-projects Online Appointment Booking System deletemanagerclinic.php sql injection
|
MEDIUM | 6.9 | 2025-12-17 |
code-projects Online Appointment Booking System
anisha online_appointment_booking_system
|
CVE NVD | |
| CVE-2025-68429 |
Storybook manager bundle may expose environment variables during build
|
HIGH | 7.3 | 2025-12-17 |
storybookjs storybook
storybookjs storybook
+2个
|
CVE NVD | |
| CVE-2025-68434 |
opensourcepos has Cross-Site Request Forgery vulnerability that leads to Unauthorized Administrator Creation
|
HIGH | 8.8 | 2025-12-17 |
opensourcepos opensourcepos
opensourcepos open_source_point_of_sale
|
CVE NVD | |
| CVE-2025-68147 |
opensourcepos has a Cross-site Scripting vulnerability
|
HIGH | 8.1 | 2025-12-17 |
opensourcepos opensourcepos
opensourcepos open_source_point_of_sale
|
CVE NVD | |
| CVE-2025-68145 |
Model Context Protocol Servers 路径遍历漏洞
|
MEDIUM | 6.4 | 2025-12-17 |
modelcontextprotocol servers
|
CVE NVD +1 | |
| CVE-2025-68144 |
Model Context Protocol Servers 参数注入漏洞
|
MEDIUM | 6.3 | 2025-12-17 |
modelcontextprotocol servers
|
CVE NVD +1 | |
| CVE-2025-68143 |
Model Context Protocol Servers 路径遍历漏洞
|
MEDIUM | 6.5 | 2025-12-17 |
modelcontextprotocol servers
|
CVE NVD +1 |